Hi,
I have several subnets configured in my mikrotik router - the subnets are not allowed to see each other.
When a client connect via SSTP to the mikrotik I want this user to be part of the subnet, he belongs to. So I configured for each subnet a separate ppp profile and assigned it to the user (via ppp secret). Using this way, user1 for subnet1 gets a DHCP-IP from subnet1 and user2 a DHCP-IP from subnet2.
The problem is, that both user are not able to see anything in the private subnets - all of the packets are dropped. So I thought assigning “bridge” to the ppp-profile will add the sstp interface to the local subnet bridge - but that changed nothing.
I found two ways:
- Adding a firwall rule “forward 10.129.0.0/16 → 10.129.0.0/16 allow” (which sounds weird for me)
- Adding a SSTP-Server Binding for the user and adding a firewall rule “Server Binding → Bridge allow” (which is more or less the same)
My question:
- Is there a possibility to add a SSTP-interface to a Bridge to give the SSTP-User full control in the subnet?
- if not: which is the “correct” way of doing that?
Thanks for any help!
Holger